﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
using CarLoanSystem.Entity;

namespace CarLoanSystem.DAL
{
    public class CustomerInfoDAL : DBBase
    {
        public static DataTable LoadAllCustomer(string id = "", string name = "", string lastName = "")
        {
            try
            {
                string sqlQuery = @"SELECT [CUSTOMER_ID],[CUSTOMER_NAME],[CUSTOMER_LASTNAME],[CUSTOMER_PERSONAL_ID]
                                ,[CUSTOMER_AGE],[CUSTOMER_TEL],[CUSTOMER_ADDRESS],[CUSTOMER_SARARY],[CUSTOMER_WORK_ADDRESS]
                                ,[CUSTOMER_WORK_TEL],[CUSTOMER_JOB],[CUSTOMER_BLACK_LIST]
                                ,[USERNAME] FROM [CAR_LOAN].[dbo].[CUSTOMER] where 1=1 ";

                if (id != "")
                {
                    sqlQuery += "and [CUSTOMER_ID] = " + id;
                }
                if (name != "")
                {
                    sqlQuery += "and [CUSTOMER_NAME] like '%" + name + "%'";
                }
                if (lastName != "")
                {
                    sqlQuery += "and [CUSTOMER_LASTNAME] like '%" + lastName + "%'";
                }

                DBBase.ConncetDatabase();

                SqlCommand command = new SqlCommand(sqlQuery, DBBase.con);
                SqlDataReader dr = command.ExecuteReader();

                DataTable dt = new DataTable();
                if (dr.HasRows)
                {
                    dt.Load(dr);
                    DBBase.DisConncetDatabase();
                    return dt;
                }
                else
                {
                    DBBase.DisConncetDatabase();
                    return null;
                }

            }
            catch (Exception ex)
            {
                return null;
            }
        }

        public static CustomerItem LoadCustomer(int id)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlDataReader dr;
                SqlCommand command = new SqlCommand(@"SELECT [CUSTOMER_ID],[CUSTOMER_NAME],[CUSTOMER_LASTNAME],[CUSTOMER_PERSONAL_ID]
                                ,[CUSTOMER_AGE],[CUSTOMER_TEL],[CUSTOMER_ADDRESS],[CUSTOMER_SARARY],[CUSTOMER_WORK_ADDRESS]
                                ,[CUSTOMER_WORK_TEL],[CUSTOMER_JOB],[CUSTOMER_BLACK_LIST]
                                ,[USERNAME] FROM [CAR_LOAN].[dbo].[CUSTOMER] WHERE [CUSTOMER_ID] = @CUSTOMER_ID", DBBase.con);
                command.Parameters.AddWithValue("@CUSTOMER_ID", id);
                dr = command.ExecuteReader();
                DataTable dt = new DataTable();
                if (dr.HasRows)
                {
                    dt.Load(dr);
                }
                DBBase.DisConncetDatabase();
                if (dt.Rows.Count > 0)
                {
                    CustomerItem item = new CustomerItem();
                    item.CUSTOMER_ID = Convert.ToInt32(dt.Rows[0]["CUSTOMER_ID"].ToString());
                    item.CUSTOMER_NAME = dt.Rows[0]["CUSTOMER_NAME"].ToString();
                    item.CUSTOMER_LASTNAME = dt.Rows[0]["CUSTOMER_LASTNAME"].ToString();
                    item.CUSTOMER_PERSONAL_ID = dt.Rows[0]["CUSTOMER_PERSONAL_ID"].ToString();
                    item.CUSTOMER_AGE = Convert.ToInt32(dt.Rows[0]["CUSTOMER_AGE"].ToString());
                    item.CUSTOMER_TEL = dt.Rows[0]["CUSTOMER_TEL"].ToString();
                    item.CUSTOMER_ADDRESS = dt.Rows[0]["CUSTOMER_ADDRESS"].ToString();
                    item.CUSTOMER_SARARY = Convert.ToInt32(dt.Rows[0]["CUSTOMER_SARARY"].ToString());
                    item.CUSTOMER_WORK_ADDRESS = dt.Rows[0]["CUSTOMER_WORK_ADDRESS"].ToString();
                    item.CUSTOMER_WORK_TEL = dt.Rows[0]["CUSTOMER_WORK_TEL"].ToString();
                    item.CUSTOMER_JOB = dt.Rows[0]["CUSTOMER_JOB"].ToString();
                    item.CUSTOMER_BLACK_LIST = dt.Rows[0]["CUSTOMER_BLACK_LIST"].ToString();
                    item.USERNAME = dt.Rows[0]["USERNAME"].ToString();
                    return item;
                }
                else
                {
                    return null;
                }
            }
            catch (Exception ex)
            {
                return null;
            }
        }

        public static bool Insert(CustomerItem item)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlCommand command = new SqlCommand(@"INSERT INTO [CAR_LOAN].[dbo].[CUSTOMER]
                                                       ([CUSTOMER_NAME]
                                                       ,[CUSTOMER_LASTNAME]
                                                       ,[CUSTOMER_PERSONAL_ID]
                                                       ,[CUSTOMER_AGE]
                                                       ,[CUSTOMER_TEL]
                                                       ,[CUSTOMER_ADDRESS]
                                                       ,[CUSTOMER_SARARY]
                                                       ,[CUSTOMER_WORK_ADDRESS]
                                                       ,[CUSTOMER_WORK_TEL]
                                                       ,[CUSTOMER_JOB]
                                                       ,[CUSTOMER_BLACK_LIST]
                                                       ,[USERNAME]
                                                       ,[PASSWORD])
                                                 VALUES
                                                      ( @CUSTOMER_NAME
                                                       ,@CUSTOMER_LASTNAME
                                                       ,@CUSTOMER_PERSONAL_ID
                                                       ,@CUSTOMER_AGE
                                                       ,@CUSTOMER_TEL
                                                       ,@CUSTOMER_ADDRESS
                                                       ,@CUSTOMER_SARARY
                                                       ,@CUSTOMER_WORK_ADDRESS
                                                       ,@CUSTOMER_WORK_TEL
                                                       ,@CUSTOMER_JOB
                                                       ,@CUSTOMER_BLACK_LIST
                                                       ,@USERNAME
                                                       ,@PASSWORD)", DBBase.con);

                command.Parameters.AddWithValue("@CUSTOMER_NAME", item.CUSTOMER_NAME);
                command.Parameters.AddWithValue("@CUSTOMER_LASTNAME", item.CUSTOMER_LASTNAME);
                command.Parameters.AddWithValue("@CUSTOMER_PERSONAL_ID", item.CUSTOMER_PERSONAL_ID);
                command.Parameters.AddWithValue("@CUSTOMER_AGE", item.CUSTOMER_AGE);
                command.Parameters.AddWithValue("@CUSTOMER_TEL", item.CUSTOMER_TEL);
                command.Parameters.AddWithValue("@CUSTOMER_ADDRESS", item.CUSTOMER_ADDRESS);
                command.Parameters.AddWithValue("@CUSTOMER_SARARY", item.CUSTOMER_SARARY);
                command.Parameters.AddWithValue("@CUSTOMER_WORK_ADDRESS", item.CUSTOMER_WORK_ADDRESS);
                command.Parameters.AddWithValue("@CUSTOMER_WORK_TEL", item.CUSTOMER_WORK_TEL);
                command.Parameters.AddWithValue("@CUSTOMER_JOB", item.CUSTOMER_JOB);
                command.Parameters.AddWithValue("@CUSTOMER_BLACK_LIST", item.CUSTOMER_BLACK_LIST);
                command.Parameters.AddWithValue("@USERNAME", item.USERNAME.ToLower());
                command.Parameters.AddWithValue("@PASSWORD", item.PASSWORD.ToLower());
                int tmp = command.ExecuteNonQuery();
                DBBase.DisConncetDatabase();
                return true;
            }
            catch (Exception ex)
            {
                DBBase.DisConncetDatabase();
                throw ex;
            }
        }

        public static bool Update(CustomerItem item)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlCommand command = new SqlCommand(@"UPDATE [CAR_LOAN].[dbo].[CUSTOMER]
                                               SET [CUSTOMER_NAME] = @CUSTOMER_NAME
                                                  ,[CUSTOMER_LASTNAME] = @CUSTOMER_LASTNAME
                                                  ,[CUSTOMER_PERSONAL_ID] = @CUSTOMER_PERSONAL_ID
                                                  ,[CUSTOMER_AGE] = @CUSTOMER_AGE
                                                  ,[CUSTOMER_TEL] = @CUSTOMER_TEL
                                                  ,[CUSTOMER_ADDRESS] = @CUSTOMER_ADDRESS
                                                  ,[CUSTOMER_SARARY] = @CUSTOMER_SARARY
                                                  ,[CUSTOMER_WORK_ADDRESS] = @CUSTOMER_WORK_ADDRESS
                                                  ,[CUSTOMER_WORK_TEL] = @CUSTOMER_WORK_TEL
                                                  ,[CUSTOMER_JOB] = @CUSTOMER_JOB
                                                  ,[CUSTOMER_BLACK_LIST] = @CUSTOMER_BLACK_LIST 
                                                  ,[USERNAME] = @USERNAME
                                                  ,[PASSWORD] = @PASSWORD
                                             WHERE [CUSTOMER_ID] = @CUSTOMER_ID", DBBase.con);

                command.Parameters.AddWithValue("@CUSTOMER_ID", item.CUSTOMER_ID);
                command.Parameters.AddWithValue("@CUSTOMER_NAME", item.CUSTOMER_NAME);
                command.Parameters.AddWithValue("@CUSTOMER_LASTNAME", item.CUSTOMER_LASTNAME);
                command.Parameters.AddWithValue("@CUSTOMER_PERSONAL_ID", item.CUSTOMER_PERSONAL_ID);
                command.Parameters.AddWithValue("@CUSTOMER_AGE", item.CUSTOMER_AGE);
                command.Parameters.AddWithValue("@CUSTOMER_TEL", item.CUSTOMER_TEL);
                command.Parameters.AddWithValue("@CUSTOMER_ADDRESS", item.CUSTOMER_ADDRESS);
                command.Parameters.AddWithValue("@CUSTOMER_SARARY", item.CUSTOMER_SARARY);
                command.Parameters.AddWithValue("@CUSTOMER_WORK_ADDRESS", item.CUSTOMER_WORK_ADDRESS);
                command.Parameters.AddWithValue("@CUSTOMER_WORK_TEL", item.CUSTOMER_WORK_TEL);
                command.Parameters.AddWithValue("@CUSTOMER_JOB", item.CUSTOMER_JOB);
                command.Parameters.AddWithValue("@CUSTOMER_BLACK_LIST", item.CUSTOMER_BLACK_LIST);
                command.Parameters.AddWithValue("@USERNAME", item.USERNAME.ToLower());
                command.Parameters.AddWithValue("@PASSWORD", item.PASSWORD.ToLower());
                int tmp = command.ExecuteNonQuery();
                DBBase.DisConncetDatabase();
                return true;
            }
            catch (Exception ex)
            {
                DBBase.DisConncetDatabase();
                throw ex;
            }
        }

        public static bool ChangePassword(CustomerItem item)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlCommand command = new SqlCommand(@"UPDATE [CAR_LOAN].[dbo].[CUSTOMER]
                                               SET [PASSWORD] = @PASSWORD
                                             WHERE [USERNAME] = @USERNAME ", DBBase.con);
                command.Parameters.AddWithValue("@USERNAME", item.USERNAME.ToLower());
                command.Parameters.AddWithValue("@PASSWORD", item.PASSWORD.ToLower());
                int tmp = command.ExecuteNonQuery();
                DBBase.DisConncetDatabase();
                return true;
            }
            catch (Exception ex)
            {
                DBBase.DisConncetDatabase();
                throw ex;
            }
        }

        public static bool UpdateBalckList(CustomerItem item)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlCommand command = new SqlCommand(@"UPDATE [CAR_LOAN].[dbo].[CUSTOMER]
                                               SET [CUSTOMER_BLACK_LIST] = @CUSTOMER_BLACK_LIST 
                                             WHERE ([CUSTOMER_ID] = @CUSTOMER_ID)", DBBase.con);
                command.Parameters.AddWithValue("@CUSTOMER_ID", item.CUSTOMER_ID);
                command.Parameters.AddWithValue("@CUSTOMER_BLACK_LIST", item.CUSTOMER_BLACK_LIST);
                int tmp = command.ExecuteNonQuery();
                DBBase.DisConncetDatabase();
                return true;
            }
            catch (Exception ex)
            {
                DBBase.DisConncetDatabase();
                throw ex;
            }
        }

        public static CustomerItem Login(string username, string password)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlDataReader dr;
                SqlCommand command = new SqlCommand(@"SELECT [CUSTOMER_ID],[CUSTOMER_NAME],[CUSTOMER_LASTNAME],[CUSTOMER_PERSONAL_ID]
                                                    ,[CUSTOMER_AGE],[CUSTOMER_TEL],[CUSTOMER_ADDRESS],[CUSTOMER_SARARY]
                                                    ,[CUSTOMER_WORK_ADDRESS],[CUSTOMER_WORK_TEL],[CUSTOMER_JOB],[CUSTOMER_BLACK_LIST]
                                                    ,[USERNAME],[PASSWORD] FROM [CAR_LOAN].[dbo].[CUSTOMER] 
                                                    WHERE [USERNAME] = @USERNAME And [PASSWORD] = @PASSWORD", DBBase.con);
                command.Parameters.AddWithValue("@USERNAME", username.ToLower());
                command.Parameters.AddWithValue("@PASSWORD", password.ToLower());
                dr = command.ExecuteReader();
                DataTable dt = new DataTable();
                if (dr.HasRows)
                {
                    dt.Load(dr);
                }
                DBBase.DisConncetDatabase();
                if (dt.Rows.Count > 0)
                {
                    CustomerItem item = new CustomerItem();
                    item.CUSTOMER_ID = Convert.ToInt32(dt.Rows[0]["CUSTOMER_ID"].ToString());
                    item.CUSTOMER_NAME = dt.Rows[0]["CUSTOMER_NAME"].ToString();
                    item.CUSTOMER_LASTNAME = dt.Rows[0]["CUSTOMER_LASTNAME"].ToString();
                    item.CUSTOMER_AGE = Convert.ToInt32(dt.Rows[0]["CUSTOMER_AGE"].ToString());
                    item.CUSTOMER_TEL = dt.Rows[0]["CUSTOMER_TEL"].ToString();
                    item.CUSTOMER_PERSONAL_ID = dt.Rows[0]["CUSTOMER_PERSONAL_ID"].ToString();
                    item.CUSTOMER_ADDRESS = dt.Rows[0]["CUSTOMER_ADDRESS"].ToString();
                    item.CUSTOMER_BLACK_LIST = dt.Rows[0]["CUSTOMER_BLACK_LIST"].ToString();
                    item.CUSTOMER_JOB = dt.Rows[0]["CUSTOMER_JOB"].ToString();
                    item.CUSTOMER_SARARY = Convert.ToInt32(dt.Rows[0]["CUSTOMER_SARARY"].ToString());
                    item.CUSTOMER_WORK_ADDRESS = dt.Rows[0]["CUSTOMER_WORK_ADDRESS"].ToString();
                    item.CUSTOMER_WORK_TEL = dt.Rows[0]["CUSTOMER_WORK_TEL"].ToString();
                    item.USERNAME = dt.Rows[0]["USERNAME"].ToString();
                    item.PASSWORD = dt.Rows[0]["PASSWORD"].ToString();
                    return item;
                }
                else
                {
                    return null;
                }
            }
            catch (Exception ex)
            {
                return null;
            }
        }

        public static bool CheckUsername(string username)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlDataReader dr;
                SqlCommand command = new SqlCommand(@"SELECT [USERNAME] FROM [CAR_LOAN].[dbo].[CUSTOMER] 
                                                    WHERE [USERNAME] = @USERNAME", DBBase.con);
                command.Parameters.AddWithValue("@USERNAME", username.ToLower());
                dr = command.ExecuteReader();
                DataTable dt = new DataTable();
                if (dr.HasRows)
                {
                    dt.Load(dr);
                }
                DBBase.DisConncetDatabase();
                if (dt.Rows.Count > 0)
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
            catch (Exception ex)
            {
                return false;
            }
        }

        public static bool CheckUsernamePassword(string username,string password)
        {
            try
            {
                DBBase.ConncetDatabase();
                SqlDataReader dr;
                SqlCommand command = new SqlCommand(@"SELECT [USERNAME] FROM [CAR_LOAN].[dbo].[CUSTOMER] 
                                                    WHERE [USERNAME] = @USERNAME AND [PASSWORD] = @PASSWORD", DBBase.con);
                command.Parameters.AddWithValue("@USERNAME", username.ToLower());
                command.Parameters.AddWithValue("@PASSWORD", password.ToLower());
                dr = command.ExecuteReader();
                DataTable dt = new DataTable();
                if (dr.HasRows)
                {
                    dt.Load(dr);
                }
                DBBase.DisConncetDatabase();
                if (dt.Rows.Count > 0)
                {
                    return true;
                }
                else
                {
                    return false;
                }
            }
            catch (Exception ex)
            {
                return false;
            }
        }
    }
}
